Skip to content

ci(security): add openssf scorecard github action #1

ci(security): add openssf scorecard github action

ci(security): add openssf scorecard github action #1

Triggered via push February 7, 2025 12:09
Status Startup failure
Total duration
Artifacts

scorecard.yml

on: push
Scorecard analysis
2m 32s
Scorecard analysis
Fit to window
Zoom out
Zoom in

Annotations

2 errors
Scorecard analysis
Create Artifact Container failed: The artifact name SARIF file is not valid. Request URL https://pipelinesghubeus2.actions.githubusercontent.com/PQ0BONWSTlpfKuFCvNCn3T2TMaUDtBdvTIzvyjL2anbe2fiA28/_apis/pipelines/workflows/13199277726/artifacts?api-version=6.0-preview
Error
ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 is not allowed to be used in HibiscusCollective/hibikey. Actions in this workflow must be: within a repository owned by HibiscusCollective or matching the following: ossf/scorecard-action, step-security/harden-runner, actions/*, github/codeql-action/*.